Every organization today is on guard for cyberattacks. But as an OEM, the risks extend far beyond your own facility. Once a solution is deployed, those risks can affect hundreds or thousands of your customers, as well as tens or hundreds of thousands of end users. And that makes a strong defense ever more importantโand challenging.
The fact is bad actors are constantly finding new ways to exploit vulnerabilities, and in a typical manufacturing environment the potential attack surface is broad. Robots on the assembly line, time management systems, your enterprise resource planning platform, back-end analytics and front-end monitoring, and every IoT device imaginableโall are potential points of entry for a cyberattack.
Importantly, when a point of entry is breached, the cost is significant. According to a survey commissioned by the cybersecurity company, Sophos, 66% of organizations worldwide were hit by ransomware in 2022, and the average recovery cost (excluding ransom) for each company was US$1.82 million.[1]
What can OEMs do to better protect their assets and those of their customers? At HPE, we take a holistic approach to cybersecurity for our OEM partners. In fact, we start even before our compute platforms are built, continue with rigorous security measures during our manufacturing process, and extend our protections out into the field by leveraging AIOps and our cybersecurity ecosystem to provide ongoing prevention, detection, and response to cyberthreats from the edge to the cloud.
First line of defense: securing each solution component
Your first line of defense against cyberthreats starts with the HPE Trusted Supply Chain, which ensures that server security begins with corruption-free manufacturing. That means auditing the integrity of every component that goes into the servers we manufacturing, including hardware and firmware.
Every HPE ProLiant Gen11 server delivered to our OEM partners is also embedded with HPE iLO6 and the HPE Silicon Root of Trust technology, which anchors each server to an HPE-exclusive ASIC. This creates an immutable fingerprint (private key) that provides strong protection against firmware attacks and can prevent the server from booting if any compromises are detected. Similarly, the hardware root of trust on HPE Cray systems uses the baseboard management controller (BMC) to allow the system and BIOS to bilaterally see that each is unmodified and secure.
Extend cybersecurity from silicon to cloud
Also critical is continuing to preserve the security of your solutions and protect customer data following deployment. This can get extremely complex, but at HPE we help simplify cybersecurity with an edge-to-cloud strategy thatโs proven effective with our OEM partners around the world.
One example of how we apply our strategy is by building a zero-trust infrastructure on the HPE GreenLake edge-to-cloud platform. As mentioned earlier, the hardware and firmware that comprise the GreenLake platform are secured at the silicon level and every component comes through the HPE Trusted Supply Chain. Beyond that, the GreenLake platform is secured with integrity verification capabilities that cryptographically measure the HPE GreenLake operating environment 24/7. This automatically and continuously detects threats and unauthorized changes to the infrastructure, apps, and workloads.
We also help OEMs create secure solution environments through a combination of HPE OEM technologies and programs, as well as partnership across our cybersecurity ecosystem. For example, through our Virtual OEM (V-OEM) program, the cloud-based software company Nebulon has been able to embed and integrate its cyber-resilient infrastructure onto HPE ProLiant servers, allowing each server to be configured to meet the unique requirements of Nebulonโs end customers.
For IT solutions provider, Datex, building its data security solution on HPE ProLiant servers has enabled the company to sustain over 900,000 requests to its data protection platform per minute, and support 15,000 service demands per second in its customer-dedicated, hosted management environment.[2] In another application, SentryWire uses a combination of HPE Cray systems and HPE ProLiant servers in its network security monitoring platform to identify attack vectors down to the packet level, as well as capture and retain network traffic for years at half the cost of other systems.[3]
Secure your future through the HPE OEM program
Todayโs reality for OEMs and their customers is that defending against cyberattacks is an unrelenting need. And it is a need that is increasingly challenging to meet as attack surfaces expand, data becomes broadly distributed, and bad actors get more sophisticated.
HPE is here to help. Our OEM program is designed to help you meet escalating technical and data requirements, acquire secure high-performing products, simplify cybersecurity from edge to cloud, access global support and services, get the customizations required for your unique business, and accelerate your path to market.
Ready to secure your future against mounting cyberthreats? Letโs talk and map out a strategy to implement the cybersecurity solutions you need.
[1] Source: https://assets.sophos.com/X24WTUEQ/at/h48bjq7fqnqp3n5thwxtg4q/sophos-the-state-ransomware-2023-infographic-1200-1200px_2x.png
MattQuirk
With a passion for innovation and technology, I am lucky enough to work within high-growth opportunities across multiple industries including manufacturing, healthcare, energy, media and entertainment and security - with technology innovations that are advancing the way people live and work such as AI, autonomous everything and 5G.